[dns-operations] Who's sleeping well tonight and who's not?
Hauke Lampe
lampe at hauke-lampe.de
Thu Jul 15 20:54:05 UTC 2010
Oh my. It works! It really does!
On 07/15/2010 03:41 PM, Wolfgang Nagele wrote:
> Interested parties need to wait for the trust-anchor to be published by IANA
> before starting to validate.
Not necessarily. Olaf Kolkman published the key's DS hash. Unbound can
use that as trust anchor, too:
hauke at pope:~$ dig +dnssec . soa @85.10.240.249
; <<>> DiG 9.7.1-P1 <<>> +dnssec . soa @85.10.240.249
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54640
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 14, ADDITIONAL: 1
My personal thanks to all those who made possible what was frowned upon
as a myth that would never come when I first heard about KEY and NXT
quite a few years ago.
Hauke.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20100715/bad85c0f/attachment.sig>
More information about the dns-operations
mailing list